package com.xiguthings.waka.shiro.realm;

import java.util.ArrayList;
import java.util.List;

import javax.annotation.Resource;

import com.xiguthings.waka.po.Maintainer;
import com.xiguthings.waka.service.maintainer.IMaintainerService;
import com.xiguthings.waka.shiro.CustomizedToken;
import com.xiguthings.waka.web.controller.base.AbstractController;
import org.apache.commons.lang3.StringUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.springframework.beans.factory.annotation.Autowired;


public class MaintainerAuthRealm extends AuthorizingRealm {

    @Resource
    private IMaintainerService maintainerService;

    /**
     * 授权（此方法要用到jsp中的<shiro></shiro>标签，否则不会吃法此方法）
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
        // 获取登录用户的权限，配合jsp页面中的shiro标签进行控制
//		SysUserEntity curUser = (SysUserEntity) principals.fromRealm(getName()).iterator().next();
//		String account = curUser.getAccount();
//		List<String> sList = null;
//		if (account.equals("admin")) {
//			sList = this.getAllPermission();
//		} else {
//			sList = this.getPermission(account);
//		}
//		System.out.println("获得的权限："+sList);
        SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
//		if (sList != null && sList.size() > 0) {
//			for (String permission : sList) {
//				// 设置当前用户的权限
//				authorizationInfo.addStringPermission(permission);
//			}
//		} else {
//			authorizationInfo.addStringPermission("0");
//		}
        return authorizationInfo;
    }

    /**
     * 认证 登录
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {

        // 1.向下转型
        CustomizedToken upToken = (CustomizedToken) token;
        String username = upToken.getUsername();
        char[] pdChar = upToken.getPassword();
        String password = "";
        if (pdChar != null && pdChar.length > 0) {
            password = new String(pdChar);
        }
        if (StringUtils.isNotBlank(username) && StringUtils.isNotBlank(password)) {
            try {
                // 2.调用业务方法，实现根据用户名查询
                Maintainer maintainer = maintainerService.selectByAccount(username);
                upToken.getParam().put(AbstractController.SESSION_CRN_MAINTAINER, maintainer);
                if (maintainer != null) {
                    AuthenticationInfo info = new SimpleAuthenticationInfo(maintainer, maintainer.getPassword(), this.getName());
                    return info; // 此处如果返回，就会立即进入到密码比较器
                }
            } catch (Exception e) {
                e.printStackTrace();
            }
        }
        return null;// 就会出现异常
    }

}
